CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/19 2:44 p.m.•4 views

GHSA-Q862-GCGQ-5M6G HAXcms createSite SSRF Enables Arbitrary File Read

Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...

7.1CVSS5.9AI score0.00238EPSS

Exploits0References3

EUVD•added 2026/05/11 6:31 p.m.•8 views

EUVD-2026-29093

A Server-Side Request Forgery SSRF vulnerability exists in MLflow versions prior to 3.9.0. The createwebhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the sendwebhookrequest function in mlflow/webhooks/delivery.py sends HTTP POST request...

7.1CVSS6AI score0.00248EPSS

ATTACKERKB•added 2026/05/11 4:30 p.m.•7 views

CVE-2026-2393

7.1CVSS7.3AI score0.00248EPSS

NVD•added 2026/04/30 10:16 p.m.•0 views

CVE-2026-6543

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This allows reading sensitive environment variables API keys, DB credentials, modifying files, or launching further attacks on the internal netwo...

8.8CVSS0.0047EPSS

Vulnrichment•added 2026/04/30 9:11 p.m.•3 views

CVE-2026-6543 Authenticated Remote Code Execution Vulnerability in Langflow Code Validation Endpoint

8.8CVSS6AI score0.0047EPSS

Snyk•added 2026/04/16 9:23 p.m.•2 views

Server-side Request Forgery (SSRF)

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via ExecuteFlow.ts. An attacker can cause the server to initiate HTTP requests to internal network addresses, potentially accessing sensitive management...

7.1CVSS5.8AI score

CVE•added 2026/04/10 4:39 p.m.•8 views

CVE-2026-40100

CVE-2026-40100 affects FastGPT prior to version 4.14.10.3. The /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication; the internal IP check in isInternalAddress() only blocks private IPs when CHECK_INTERNAL_IP is true (not the default), enabling unauthenticated SSR...

5.3CVSS5.9AI score0.00253EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/03/19 12:0 a.m.•3 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.1 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing during the redirection resolution of websearch, which could lead to requests being ma...

7.4CVSS5.9AI score0.00184EPSS

OSV•added 2026/03/12 2:23 p.m.•1 views

GHSA-56CV-C5P2-J2WG SiYuan has a Full-Read SSRF via /api/network/forwardProxy

Summary The /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to...

8.3CVSS6AI score0.00278EPSS

Cvelist•added 2026/03/11 7:30 p.m.•25 views

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...

5.3CVSS0.00097EPSS

Github Security Blog•added 2026/03/11 12:37 a.m.•5 views

Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval

Impact Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not possible under standard network...

5.3CVSS5.9AI score0.00097EPSS

Exploits0References6Affected Software1

OSV•added 2026/02/26 12:36 a.m.•6 views

CVE-2026-27829 Astro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSize

Astro is a web framework. In versions 9.0.0 through 9.5.3, a bug in Astro's image pipeline allows bypassing image.domains / image.remotePatterns restrictions, enabling the server to fetch content from unauthorized remote hosts. Astro provides an inferSize option that fetches remote images at rend...

6.5CVSS5.9AI score0.00281EPSS

Exploits1References4

Vulnrichment•added 2025/12/10 11:27 a.m.•4 views

CVE-2025-13953 Bypass in the authentication method of the GTT Sistema de Información Tributario application

Bypass vulnerability in the authentication method in the GTT Tax Information System application, related to the Active Directory LDAP login method. Authentication is performed through a local WebSocket, but the web application does not properly validate the authenticity or origin of the data...

9.3CVSS6.3AI score0.0041EPSS

Cvelist•added 2025/11/17 12:0 a.m.•8 views

CVE-2025-63917

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity XXE references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem,...

0.00338EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-17130

Malware in sbrugna...

4.3CVSS4.8AI score0.00266EPSS